10 Things to Consider When Developing BYOD Security Policy

Debra Donston-Miller08/31/13

10 Things to Consider When Developing BYOD Security Policy

The bring-your-own-device — or BYOD — movement has opened up a new world of ­opportunities for companies and end users alike. For example, companies can reduce the costs associated with device procurement, and employees get to use their preferred devices and mobile operating systems. But with this opportunity comes a great deal of ­ambiguity, especially as related to security. The employee owns the device, but what about the data on the device? What happens if the device is lost or stolen? Who’s liable? Can the company dictate that certain security programs be installed on a device it doesn’t own?

These are but a few of the questions surrounding BYOD right now. This level of ­uncertainty presents a good reason for developing a BYOD security policy, but it also makes it really challenging to actually create such a policy, let alone implement it.

Also complicating matters is the fact that there are so many variables across organizations that dictate what should and should not be in any policy — BYOD or otherwise. ­However, there are guidelines that any company can follow in order to develop a BYOD policy that will balance flexibility and productivity with privacy and security. In this ­report, Dark Reading provides a list of 10 things companies should consider when setting out to develop a BYOD security policy. (S7340913)